Compared to all emerging issues, privacy is probably the most prominent concern when it comes to judging the effects of a wide spread deployment of ubiquitous computing. On one hand, service providers want to authenticate legitimate users and make sure they are accessing their authorized services in a legal way. On the other hand, users prefer not to expose any sensitive information to anybody. They want to have complete control on their personal data, without being tracked down for wherever they are, whenever and whatever they do. In this paper, we introduce an anonymous identification authentication and access control scheme to secure interactions between users and services in ubiquitous environments. The scheme uses anonymous user ID, sensitive data sharing method, and account management to provide a lightweight authentication while keeping users anonymously interacting with the services in a secure and flexible way.